The Heartbleed Bug

1058 Words3 Pages

“Imagine if you woke up one morning, and found out that Walmart was now selling a device for $5 that could easily and instantly open almost any deadbolt lock. That’s right - the kind of lock that is supposed to give “extra protection” to just about every door on earth. That’s the magnitude of security problem posed by the Heartbleed Bug,” says Kevin Morris from the Electronics Engineering Journal (April 15, 2014). Heartbleed is a “security vulnerability uncovered in April 2014 that allows hackers to gain access to passwords and personal information,” states the Encyclopedia of Technology. This OpenSSL security flaw was discovered by the Finnish Network Security Firm, Codenomicon. It allowed for the extraction of information that was assumed to be secure from over 17% of all websites without leaving a trace. Some of the big names that were found to have this vulnerability were Google, Instagram, Tumblr, Gmail, Minecraft, and many other popular sites. In order to inhibit identity theft, all of the listed sites recommend their users change their passwords now that the problem has been alleviated. As a user of the World Wide Web, it is one’s responsibility to learn more about Heartbleed, in order to help protect one’s online identity and to make sure it is protected both now and in the future.

“A widespread vulnerability in OpenSSL, the software library used to secure communications on the web, has undermined the security on hundreds of thousands of web servers, and has left online companies scrambling to close the security hole,” states a bold headline written by Robert L. of Eweek Magazine Issue 1. (2014). Heartbleed allows a hacker to extract what was previously thought to be secure information using several rudimentary princip...

... middle of paper ...

...eved April 22, 2014, from EBSCO

Janssen, C. (2014, April 14). What is the Heartbleed Bug? - Definition from Techopedia. Techopedia. Retrieved April 28, 2014, from http://www.techopedia.com/definition/30173/heartbleed-bug (Used as an alternative for a reference book)

Kerner, S. (2014). Even Before Heartbleed, Improper Use of SSL Put Users at Risk. Eweek, 2. Retrieved April 22, 2014, from EBSCO

Kleinman, B., & Morris, K. (2014, April 15). Heartbleed: Serious Security Vulnerability. The Journal of Electronic Engineering. Retrieved April 25, 2014, from http://www.eejournal.com/archives/articles/20140415-heartbleed/

Lemos, R. (2014). 'Heartbleed' OpenSSL Flaw May Lead to Leaked Passwords, Encryption Keys. Eweek, 1. Retrieved April 22, 2014, from EBSCO

The Heartbleed Bug. (2014, April 15). Heartbleed Bug. Retrieved April 22, 2014, from http://heartbleed.com/

Open Document